[cfaussie] Re: Multiple vulnerablities in Flash player

Scott Barnes Tue, 04 Mar 2003 16:24:16 -0800

hmmmm.. I thought it was his theory and i was like "no way sandbox is
fux0red, they said so.."


Still majorly sceptical as to how it can be done, the only thing i can think
of (and i'm no hacker), is that they find some way to force FlashMX to right
to a file / read a file... maybe hax0ring the clientside shared object, by
getting it to write somewhere else on the hdd?

Its a very slim chance imho..

Scott.


"Mark Stanton" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]
>
> Scott
>
> Viktor said:
> >The update fixes several buffer overflows and methods of bypassing the
> sandbox.
>
> The email from MM said:
> ....Recently, Macromedia became aware of potential security
> issues with Macromedia Flash Player. A new version of
> Macromedia Flash Player fixes these issues to protect
> our users from any content that attempts to execute
> this type of malicious code.
>
> The cumulative security patch is available today and
> addresses the potential for future exploits surrounding
> buffer overflows (read/write) and sandbox integrity within
> the player which might allow malicious users to gain access
> to a users computer...
>
> ...SEVERITIY RATING
>
> Macromedia categorizes this issue as a critical update and
> recommends users immediately update to the newest player...
>
> I think the problem lies with the sandbox - ie. it does not work.
>
> hth
>
> Cheers
>
> Mark
>
>
> ______________
> Mark Stanton
> Web Production
> Gruden Pty Ltd
> Tel: 9956 6388
> Mob: 0410 458 201
> Fax: 9956 8433
> www.gruden.com
>
>
>
>



---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

[cfaussie] Re: Multiple vulnerablities in Flash player

Reply via email to